Focus on DroxiDat/SystemBC
Tags
Common Information
| Type | Value |
|---|---|
| UUID | dff8d6ec-790f-4f9a-bc01-05dfe636723f |
| Fingerprint | 5102419fa91a60e |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 10, 2023, 10 a.m. |
| Added to db | Aug. 12, 2023, 2:05 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Focus on DroxiDat/SystemBC |
| Title | Focus on DroxiDat/SystemBC |
| Detected Hints/Tags/Attributes | 85/2/30 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/focus-on-droxidat-systembc/110302/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 223 | ✔ | Securelist | https://securelist.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | powersupportplan.com |
|
| Details | Domain | 4 | epowersoftware.com |
|
| Details | File | 4 | syscheck.exe |
|
| Details | File | 2 | c:\perflogs\syscheck.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 2 | c:\perflogs\hos.exe |
|
| Details | File | 2 | c:\perflogs\svch.dll |
|
| Details | File | 2 | rs.css |
|
| Details | File | 2 | c:\perflogs\a.dll |
|
| Details | File | 2 | c:\perflogs\host.exe |
|
| Details | File | 2 | c:\perflogs\hostt.exe |
|
| Details | File | 2 | c:\perflogs\svchoct.dll |
|
| Details | File | 2 | c:\perflogs\admin\svcpost.dll |
|
| Details | File | 2 | c:\perflogs\admin\syscheck.exe |
|
| Details | File | 2 | c:\perflogs\sk64.dll |
|
| Details | File | 2 | c:\perflogs\clinic.exe |
|
| Details | md5 | 4 | 8d582a14279920af10d37eae3ff2b705 |
|
| Details | md5 | 3 | 1957deed26c7f157cedcbdae3c565cff |
|
| Details | md5 | 4 | 19567b140ae6f266bac6d1ba70459fbd |
|
| Details | sha1 | 4 | f98b32755cbfa063a868c64bd761486f7d5240cc |
|
| Details | sha1 | 3 | be9e23e56c4a25a8ea453c093714eed5e36c66d0 |
|
| Details | sha1 | 4 | fd9016c64aea037465ce045d998c1eead3971d35 |
|
| Details | sha256 | 3 | a00ca18431363b32ca20bf2da33a2e2704ca40b0c56064656432afd18a62824e |
|
| Details | sha256 | 2 | 926fcb9483faa39dd93c8442e43af9285844a1fbbe493f3e4731bbbaecffb732 |
|
| Details | sha256 | 3 | a002668f47ff6eb7dd1b327a23bafc3a04bf5208f71610960366dfc28e280fe4 |
|
| Details | IPv4 | 4 | 93.115.25.41 |
|
| Details | IPv4 | 3 | 192.168.1.28 |
|
| Details | IPv4 | 4 | 179.60.146.6 |
|
| Details | IPv4 | 4 | 194.165.16.63 |
|
| Details | Threat Actor Identifier - FIN | 42 | FIN12 |